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DETAILED ACTION 



1. Claims 1-26 have been re-examined and are pending with this action. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented 
and the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1, 5, 9, and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable 

over Orita (US 5,163,147 A). 

As per claim 1, 5, 9, and 23, Orita teaches of an apparatus (see col.2, line 53: 

computer system), a method (see col.7, Iinel6), and a program storage device readable 

by a machine, tangibly embodying a program of instructions executable by the machine 

(see col.l, lines 37-40), for controlling operations by a client on a stored file (see col.l, 

lines 52-56: "accessing a file by a user" and col.2, lines 54-56), said apparatus 

comprising: a first memory associated with the file, said first memory (see Fig.l, #14, 

and col.2, line 68) for storing a fixed file security status, said fixed file security status 

being of a first type (see col.3, lines 25-30: "NO"); a second memory (see Fig.l, #14, 

and col.2, line 68) associated with the file, said second memory for storing an active file 
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security status, said active file security status initially copied from said fixed file security 
status and initially being of said first type and changeable to a second type (col. 3, lines 
25-30: "YES"); a request handler (see col. 2, lines 11-12: "access verifying unit") 
receiving a request from the client to perform operations on the file, said request 
handler disallowing the client from performing operations on the file if said active file 
security status is of said first type and allowing the client to perform operations on the 
file if said active file security status is of said second type (see Fig.3, #S13 and col.4, 
lines 60 to col.5, line 1); and a independent verification routine (see col.l, line 68: "user 
recognizing unit"; and col.4, lines 49-52) having access to a security database listing 
clients and corresponding privileges (see Fig.l, #12; Fig.4; Fig.5; col.3, lines 5-9 & 36- 
44; and col.3, line 56 to col.4, line 22), and capable of receiving a authorization 
credential from the client (see col.l, line 68; col.2, lines 1-4; and col.3, lines 17-25), 
said independent verification routine causing said active file security status to change to 
said second type if said authorization credential indicates that the client has the 
privilege to access the file (see Fig.3, step S13 to step S15, and col.4, line 60 to col.5, 
line 1). 

Although Orita does not explicitly teach of a "fixed file security status" or an 
"active file security status", he does teach of comparing input data with stored data to 
change the security status to either allow or deny access of the user to the system, 
program, and file access. Therefore, it would have been obvious to a person of 
ordinary skill in the art at the time the invention was made to employ a fixed file 
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security status of accessing a file system until an active file security status changes the 
status type because all users are denied access unless approved via an authentication 
means as taught by Orita. 

3. Claims 10-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Scott et al. (US 5,987,123 A) in view of Orita (US 5,163,147 A) and Mandalia (US 
6,324,584 Bl). 

As per claims 10, 13, 16, and 19, Scott teaches of a method (see Abstract and 
col.l, lines 35-38) and a program storage device readable by a machine, tangibly 
embodying a program of instructions executable by a machine (see col.3, lines 14-19), 
for creating a secure file on a file system (see col.2, lines 12-13) including a verification 
routine (see col.3, lines 22-23: "signature checking software"), the method comprising: 
receiving from a user an open for write call (see col .4, lines 2-5 and col.5, lines 46-47) 
for a file that does not exist at the time said call is received (see col.2, lines 10-16: 
"creating a secure file... to perform a file access operation on a file of the data 
processing system"); recognizing that the file does not exist at the time the call is 
received (inherent); creating a file entry for said file (see col.2, lines 12-13: "creating a 
secure file"); receiving from said user an authorization credential (see col.5, lines 51- 
57); authenticating with said verification routine the privileges of the user (see col.4, 
lines 5-8 & 39-54); recognizing a combination of a user sending an open for write call 
for a file that does not exist at the time the call is received and said authorization 
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credential that is authenticated (see col.3, line 60 to col.4, line 7 and col.4, lines 39-54); 
and creating a secure file (see Fig. 5 and col.5, lines 57-59) in said file system, having a 
fixed file security status being of a first type (see col.6, lines 23-32). 

Scott does not teach of a request handler. Orita teaches of a request handler 
(see col. 2 lines 11-12: "access verifying unit"). It would have been obvious to a person 
of ordinary skill in the art at the time the invention was made to employ the teachings 
of Orita within the system of Scott by employing a request handler to handle all user 
request within the secure file creating system, apparatus, and method, because 
functions performed by a data processing system of "receiving", "obtaining", 
"encrypting", and "creating" (see Scott: col.2, lines 10-20) would not occur if a request 
handler did not exist to correctly respond to user request(s). 

Scott does not teach that the file system is a router. Mandalia teaches of a 
router with a file system (see col.l, lines 15-21). It would have been obvious to a 
person of ordinary skill in the art at the time the invention was made to employ the 
teachings of Mandalia within the system of Scott by employing a router with a file 
system within the secure file creating system, apparatus, and method, because Scott 
teaches that an automatic and transparent method of checking and authenticating data 
is needed (see col.l, lines 29-31), and by implementing a router to perform such 
functions as taught by Mandalia will not only alleviate the congestion, but will eliminate 
the need for each data repository to check for authentication which will also save time 
for the user and the processors. 
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As per claims 11, 12, 14, 15, 17, 18, 20, and 21, Scott further teaches setting a 
memory location (see col.4, line 14: "stored") associated with the file and in said file 
system of said router to a value indicating that the file is a secure file (see col.4, lines 
13-15 and col.3, lines 46-49) and closing said file entry (implicit). 



4. Claims 2, 6, 22, and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Orita (US 5,163,147 A), as applied to claims 1, 5, 9, and 23 above, 
and further in view of Subramaniam et al. (US 5,519,507 A). Orita teaches all the 
limitations of claims 2, 6, 22, and 24 including a third memory associated (see col.8, 
lines 1-3 and col.l, lines 40-43) with the file, but he does not teach that the said third 
memory is used for storing a delete-on-close status, said delete-on-close status initially 
set to a first value and changeable to a second value, wherein said first value indicates 
that the file will not be deleted upon closing and the second value indicates that the file 
will be deleted upon closing. Subramaniam teaches of a delete-on-close status, said 
delete-on-close status initially set to a first value and changeable to a second value, 
wherein said first value indicates that the file will not be deleted upon closing and the 
second type indicates that the file will be deleted upon closing (see col.6, lines 31-33 
and 35-37). It would have been obvious to a person of ordinary skill in the art, at the 
time the invention was made, to employ the teachings of Subramaniam within the 
system of Orita, by allowing the client who has access to a particular file to be able to 
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delete or retain the file from memory upon closing, because such functions enable the 
client to have complete control of the file in which they have access to. 

5. Claims 3, 4, 7, 8, 25, and 26 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Orita (US 5,163,147 A) and Subramaniam et al. (US 5,519,507 A), as 
applied to claims 1, 2, 5, 6, 23, and 24 above, and further in view of Testin et al. (US 
4,776,038 A). Orita and Subramaniam teach all the limitations of claims 3, 4, 7, 8, 25, 
and 26, except that the first memory is a non-volatile random access memory and said 
second memory and third memory are in a file entry, and that the first memory, said 
second memory, and said third memory comprise single bits. Testin teaches of a non- 
volatile random access memory and said second memory and third memory are in a file 
entry (see col.3, lines 39-40) and that the first memory, said second memory, and said 
third memory comprise single bits (see col.4, lines 58-62). It would have been obvious 
to a person of ordinary skill in the art, at the time the invention was made, to employ 
the teachings of Testin within the system of Orita and Subramaniam, because non- 
volatile random access memory allows the contents to be retained even after power is 
removed, thus allowing an assign value in the first memory to always retain that value 
and because assigning a single bit to a memory allows for two states ("0" state or "1" 
state) to serve two functions, respectively. This enables the content from switching 
from a desired state such as a "1" which could mean "access not granted" to an 
unknown or an error state per each power down and power back up sequence. 
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Response to Arguments 

6. In response to the argument regarding claims 1, 5, 9, and 23, the applicant is 
reminded that Orita is not in prosecution. Whether Orita's invention is a two part 
process or not, the functional elements of what is claimed is clearly taught by Orita. 
The claimed invention does not specifically state that process of accessing a secure file 
cannot be precluded by a login step as taught by Orita. Orita clearly teaches that to 
access a file by a user, the "comparing" of user's entered information with that of 
previously stored information results in a "change" of the security status of the user's 
access to the file from a "NO" to a "YES". Additional references locations have been 
provide to clarify any confusion the reference teaches. 

7. In response to applicant's argument regarding claims 10-21, that the references 
fail to show certain features of applicant's invention, it is noted that the features upon 
which applicant relies (i.e., "trust security" versus "access security") are not recited in 
the rejected claim(s). Although the claims are interpreted in light of the specification, 
limitations from the specification are not read into the claims. See In re Van Geuns, 
988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). Furthermore, Scott teaches that the 
user signature data structure has a name, type, public key, values indicating the type of 
permission t he entity has for the system (e.g., create, delete, read, write, execute, 



Application/Control Number: 09/414,995 Page 9 

Art Unit: 2155 

ect.)" (see col.3, line 60 to col.4, line 5). Additional references locations have been 
provide to clarify any confusion the reference teaches. 

With respect to the argument regarding Orita and Mandalia as being 
insufficient, see definition of 35 U.S.C. 103(a). The secondary references each teach 
one element of the claimed invention. Since the primary reference teaches the rest, 
additional reference locations need not be located so long as the single reference 
location teaches the element claimed. One cannot show nonobviousness by attacking 
references individually where the rejections are based on combinations of references. 
See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 
F.2d 1091, 231 USPQ 375 (Fed. Or. 1986). 

8. For the reasons stated above claims 2-4, 6-8, 22, 24-26, remain rejected. 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of 
time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire 
later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Michael Y Won whose telephone number is 703-605- 
4241. The examiner can normally be reached on M-Th: 6AM-3PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Hosain T Alam can be reached on 703-308-6662. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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